Jargon Buster

In the world of business crime and security you will come across many terms that you may have never heard of. We have made a glossary to help you understand the commonly used terms to further help your knowledge.

Term Definition
Backdoor Code that is often installed by malware that inserts itself into programs or operating systems to provide unauthorized access to data.
Bot A program used for specific functions such as; keeping ports open or launching a flood of packets during a DDoS attack.
Botnet A set of Bots installed onto a computer for use of creating DDoS attacks and sending SPAM.
Clone Phishing This type of Phishing attack is caused by the attacker directly copying legitimate emails sent from a trusted organisation. However links and attachments will be malicious deceiving you into revealing your identity.
Cracking Abbreviation of criminal hacking.
Data diddling Modifying data for your own expense i.e. changing grades, credit rates etc.
Data Leakage When an unauthorized transmission is allowing data to leave the system. This can be using a removal disk, printout, photographs of the screen etc.
Denial-of-Service (DoS) attack An attempt to make a machine or network resource unavailable. Usually involves spoofing packets or email headers.
Distributed Denial-of-Service (DDoS) attack A type of DoS attack where multiple compromised systems, for example a Botnet, are used to target a single system causing a DoS attack.
DNS (Domain Name System) A system for naming individual computers and network services that is organized into a hierarchy of domains. It is commonly used by the internet to locate computers through friendly names.
Easter egg Undocumented, unauthorized program functions in a production program.
Exploit A method for exploiting a vulnerability to take control of a system or compromise it.
Hacking Gaining unauthorized access to data in a system or computer.
Hacktivism Politcally or ideologically-motivated vandalism e.g. defacing a website with reason.
Identity Theft Creating a false identity with someone else’s identity information like; name, national insurance number etc.
Impersonation Pretending to be someone or something you are not.
Latency The time between the stimulation and the response. The period where a logic bomb, virus or worm refrains damage (delivering the payload). Long latency can result in severe consequences for infected systems.
Login Bomb A form of virus. A program in which damage (the payload) is delivered when a particular condition occurs.
Mail-bombing Sending large numbers of unwanted emails to a single recipient or to a group of recipients, this is not SPAM it is a form of DoS.
Malware Abbreviation of Malicious software, categorizes dangerous software like; Ransomware, Trojan horses, viruses, worms, rootkits etc.
Master Program In a DDoS attack, a program that communicates with implanted zombie programs on compromised computers. The master program usually transmits instructions to zombies with details of the targeted system.
Payload The activities that malware perform on an infected computer.
Penetration Unauthorized access to restricted systems.
Piggybacking Getting access to secure locations by following an authorized person through the grid.
Phishing Using forged emails or websites that imitate an official communication or page to trick people into revealing logon credentials or other private information. Often used for piggybacking, identity-theft or fraud.
Root Kit A script used to gain unauthorized root privileges on compromised systems.
Sabotage Deliberate damage to to operations or equipment.
Salami theft Technique of accumulating round-off errors and saving them up for a later withdrawal.
Scavenging Using discarded listings, tapes or other storage media to find useful information like access codes, credentials and any other sensitive data.
Scripts Any simple program.
Smishing Using text messages to mimic real alerts with links to webpages designed to trick you into giving away personal details. Often used for identity-theft or fraud.
Spear Phishing A targeted attempt to use emails or websites that imitate an official communication or page to trick people into revealing logon credentials or other private information. Often used for piggybacking, identity-theft or fraud.
Time bomb A malicious program that waits for a specific time before activating its payloads. Time bomb is a form of logic bomb found in Trojan horses.
Trojan Horses In reference to the Greek myth, a Trojan Horse is an innocent looking program that can alter data, record passwords, send confidential data, open back doors and much more.
Vandalism Destruction or malicious modification without authorization.
Virus A piece of code that is capable of duplicating itself and can cause payloads like corrupting systems and destroying data.
Vishing A specific type of Phishing attack that uses voice calls. Attempting to imitate an alert from an important and trusted organisation to convince you to pay a fee or disclose confidential personal details. The aim of the attacks are to steal your money or identity.
Vulnerability A weakness or flaw in a computer system, network or program that allows attacks from malware.
Whaling A very targeted Phishing attack, aimed at high profile individuals. Diverse phishing techniques and social engineering is used to get the intended individual to hand over the required data. This data could be confidential business data or business funds.
Wiretapping Using unauthorized equipment or software to eavesdrop on data or voice transmissions e.g. installing Keystrokes onto a computer to find what a person is typing.
Worm Like a virus, however spreads through computer systems and networks duplicating itself without integrating itself into other executable code.
Zombie A program that waits in victims computers for instructions, commonly used to cause DDoS attacks.